1. /*
  2. * @(#)Identity.java 1.56 00/02/02
  3. *
  4. * Copyright 1996-2000 Sun Microsystems, Inc. All Rights Reserved.
  5. *
  6. * This software is the proprietary information of Sun Microsystems, Inc.
  7. * Use is subject to license terms.
  8. *
  9. */
  10. package java.security;
  11. import java.io.Serializable;
  12. import java.util.*;
  13. /**
  14. * <p>This class represents identities: real-world objects such as people,
  15. * companies or organizations whose identities can be authenticated using
  16. * their public keys. Identities may also be more abstract (or concrete)
  17. * constructs, such as daemon threads or smart cards.
  18. *
  19. * <p>All Identity objects have a name and a public key. Names are
  20. * immutable. Identities may also be scoped. That is, if an Identity is
  21. * specified to have a particular scope, then the name and public
  22. * key of the Identity are unique within that scope.
  23. *
  24. * <p>An Identity also has a set of certificates (all certifying its own
  25. * public key). The Principal names specified in these certificates need
  26. * not be the same, only the key.
  27. *
  28. * <p>An Identity can be subclassed, to include postal and email addresses,
  29. * telephone numbers, images of faces and logos, and so on.
  30. *
  31. * @see IdentityScope
  32. * @see Signer
  33. * @see Principal
  34. *
  35. * @version 1.56
  36. * @author Benjamin Renaud
  37. * @deprecated This class is no longer used. Its functionality has been
  38. * replaced by <code>java.security.KeyStore</code>, the
  39. * <code>java.security.cert</code> package, and
  40. * <code>java.security.Principal</code>.
  41. */
  42. public abstract class Identity implements Principal, Serializable {
  43. /** use serialVersionUID from JDK 1.1.x for interoperability */
  44. private static final long serialVersionUID = 3609922007826600659L;
  45. /**
  46. * The name for this identity.
  47. *
  48. * @serial
  49. */
  50. private String name;
  51. /**
  52. * The public key for this identity.
  53. *
  54. * @serial
  55. */
  56. private PublicKey publicKey;
  57. /**
  58. * Generic, descriptive information about the identity.
  59. *
  60. * @serial
  61. */
  62. String info = "No further information available.";
  63. /**
  64. * The scope of the identity.
  65. *
  66. * @serial
  67. */
  68. IdentityScope scope;
  69. /**
  70. * The certificates for this identity.
  71. *
  72. * @serial
  73. */
  74. Vector certificates;
  75. /**
  76. * Constructor for serialization only.
  77. */
  78. protected Identity() {
  79. this("restoring...");
  80. }
  81. /**
  82. * Constructs an identity with the specified name and scope.
  83. *
  84. * @param name the identity name.
  85. * @param scope the scope of the identity.
  86. *
  87. * @exception KeyManagementException if there is already an identity
  88. * with the same name in the scope.
  89. */
  90. public Identity(String name, IdentityScope scope) throws
  91. KeyManagementException {
  92. this(name);
  93. if (scope != null) {
  94. scope.addIdentity(this);
  95. }
  96. this.scope = scope;
  97. }
  98. /**
  99. * Constructs an identity with the specified name and no scope.
  100. *
  101. * @param name the identity name.
  102. */
  103. public Identity(String name) {
  104. this.name = name;
  105. }
  106. /**
  107. * Returns this identity's name.
  108. *
  109. * @return the name of this identity.
  110. */
  111. public final String getName() {
  112. return name;
  113. }
  114. /**
  115. * Returns this identity's scope.
  116. *
  117. * @return the scope of this identity.
  118. */
  119. public final IdentityScope getScope() {
  120. return scope;
  121. }
  122. /**
  123. * Returns this identity's public key.
  124. *
  125. * @return the public key for this identity.
  126. */
  127. public PublicKey getPublicKey() {
  128. return publicKey;
  129. }
  130. /**
  131. * Sets this identity's public key. The old key and all of this
  132. * identity's certificates are removed by this operation.
  133. *
  134. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  135. * method is called with <code>"setIdentityPublicKey"</code>
  136. * as its argument to see if it's ok to set the public key.
  137. *
  138. * @param key the public key for this identity.
  139. *
  140. * @exception KeyManagementException if another identity in the
  141. * identity's scope has the same public key, or if another exception occurs.
  142. *
  143. * @exception SecurityException if a security manager exists and its
  144. * <code>checkSecurityAccess</code> method doesn't allow
  145. * setting the public key.
  146. *
  147. * @see SecurityManager#checkSecurityAccess
  148. */
  149. /* Should we throw an exception if this is already set? */
  150. public void setPublicKey(PublicKey key) throws KeyManagementException {
  151. check("setIdentityPublicKey");
  152. this.publicKey = key;
  153. certificates = new Vector();
  154. }
  155. /**
  156. * Specifies a general information string for this identity.
  157. *
  158. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  159. * method is called with <code>"setIdentityInfo"</code>
  160. * as its argument to see if it's ok to specify the information string.
  161. *
  162. * @param info the information string.
  163. *
  164. * @exception SecurityException if a security manager exists and its
  165. * <code>checkSecurityAccess</code> method doesn't allow
  166. * setting the information string.
  167. *
  168. * @see #getInfo
  169. * @see SecurityManager#checkSecurityAccess
  170. */
  171. public void setInfo(String info) {
  172. check("setIdentityInfo");
  173. this.info = info;
  174. }
  175. /**
  176. * Returns general information previously specified for this identity.
  177. *
  178. * @return general information about this identity.
  179. *
  180. * @see #setInfo
  181. */
  182. public String getInfo() {
  183. return info;
  184. }
  185. /**
  186. * Adds a certificate for this identity. If the identity has a public
  187. * key, the public key in the certificate must be the same, and if
  188. * the identity does not have a public key, the identity's
  189. * public key is set to be that specified in the certificate.
  190. *
  191. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  192. * method is called with <code>"addIdentityCertificate"</code>
  193. * as its argument to see if it's ok to add a certificate.
  194. *
  195. * @param certificate the certificate to be added.
  196. *
  197. * @exception KeyManagementException if the certificate is not valid,
  198. * if the public key in the certificate being added conflicts with
  199. * this identity's public key, or if another exception occurs.
  200. *
  201. * @exception SecurityException if a security manager exists and its
  202. * <code>checkSecurityAccess</code> method doesn't allow
  203. * adding a certificate.
  204. *
  205. * @see SecurityManager#checkSecurityAccess
  206. */
  207. public void addCertificate(Certificate certificate)
  208. throws KeyManagementException {
  209. check("addIdentityCertificate");
  210. if (certificates == null) {
  211. certificates = new Vector();
  212. }
  213. if (publicKey != null) {
  214. if (!keyEquals(publicKey, certificate.getPublicKey())) {
  215. throw new KeyManagementException(
  216. "public key different from cert public key");
  217. }
  218. } else {
  219. publicKey = certificate.getPublicKey();
  220. }
  221. certificates.addElement(certificate);
  222. }
  223. private boolean keyEquals(Key aKey, Key anotherKey) {
  224. String aKeyFormat = aKey.getFormat();
  225. String anotherKeyFormat = anotherKey.getFormat();
  226. if ((aKeyFormat == null) ^ (anotherKeyFormat == null))
  227. return false;
  228. if (aKeyFormat != null && anotherKeyFormat != null)
  229. if (!aKeyFormat.equalsIgnoreCase(anotherKeyFormat))
  230. return false;
  231. return java.util.Arrays.equals(aKey.getEncoded(),
  232. anotherKey.getEncoded());
  233. }
  234. /**
  235. * Removes a certificate from this identity.
  236. *
  237. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  238. * method is called with <code>"removeIdentityCertificate"</code>
  239. * as its argument to see if it's ok to remove a certificate.
  240. *
  241. * @param certificate the certificate to be removed.
  242. *
  243. * @exception KeyManagementException if the certificate is
  244. * missing, or if another exception occurs.
  245. *
  246. * @exception SecurityException if a security manager exists and its
  247. * <code>checkSecurityAccess</code> method doesn't allow
  248. * removing a certificate.
  249. *
  250. * @see SecurityManager#checkSecurityAccess
  251. */
  252. public void removeCertificate(Certificate certificate)
  253. throws KeyManagementException {
  254. check("removeIdentityCertificate");
  255. if (certificates != null) {
  256. certificates.removeElement(certificate);
  257. }
  258. }
  259. /**
  260. * Returns a copy of all the certificates for this identity.
  261. *
  262. * @return a copy of all the certificates for this identity.
  263. */
  264. public Certificate[] certificates() {
  265. if (certificates == null) {
  266. return new Certificate[0];
  267. }
  268. int len = certificates.size();
  269. Certificate[] certs = new Certificate[len];
  270. certificates.copyInto(certs);
  271. return certs;
  272. }
  273. /**
  274. * Tests for equality between the specified object and this identity.
  275. * This first tests to see if the entities actually refer to the same
  276. * object, in which case it returns true. Next, it checks to see if
  277. * the entities have the same name and the same scope. If they do,
  278. * the method returns true. Otherwise, it calls
  279. * {@link #identityEquals(Identity) identityEquals}, which subclasses should
  280. * override.
  281. *
  282. * @param identity the object to test for equality with this identity.
  283. *
  284. * @return true if the objects are considered equal, false otherwise.
  285. *
  286. * @see #identityEquals
  287. */
  288. public final boolean equals(Object identity) {
  289. if (identity == this) {
  290. return true;
  291. }
  292. if (identity instanceof Identity) {
  293. Identity i = (Identity)identity;
  294. if (this.fullName().equals(i.fullName())) {
  295. return true;
  296. } else {
  297. return identityEquals(i);
  298. }
  299. }
  300. return false;
  301. }
  302. /**
  303. * Tests for equality between the specified identity and this identity.
  304. * This method should be overriden by subclasses to test for equality.
  305. * The default behavior is to return true if the names and public keys
  306. * are equal.
  307. *
  308. * @param identity the identity to test for equality with this identity.
  309. *
  310. * @return true if the identities are considered equal, false
  311. * otherwise.
  312. *
  313. * @see #equals
  314. */
  315. protected boolean identityEquals(Identity identity) {
  316. if (!name.equalsIgnoreCase(identity.name))
  317. return false;
  318. if ((publicKey == null) ^ (identity.publicKey == null))
  319. return false;
  320. if (publicKey != null && identity.publicKey != null)
  321. if (!publicKey.equals(identity.publicKey))
  322. return false;
  323. return true;
  324. }
  325. /**
  326. * Returns a parsable name for identity: identityName.scopeName
  327. */
  328. String fullName() {
  329. String parsable = name;
  330. if (scope != null) {
  331. parsable += "." + scope.getName();
  332. }
  333. return parsable;
  334. }
  335. /**
  336. * Returns a short string describing this identity, telling its
  337. * name and its scope (if any).
  338. *
  339. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  340. * method is called with <code>"printIdentity"</code>
  341. * as its argument to see if it's ok to return the string.
  342. *
  343. * @return information about this identity, such as its name and the
  344. * name of its scope (if any).
  345. *
  346. * @exception SecurityException if a security manager exists and its
  347. * <code>checkSecurityAccess</code> method doesn't allow
  348. * returning a string describing this identity.
  349. *
  350. * @see SecurityManager#checkSecurityAccess
  351. */
  352. public String toString() {
  353. check("printIdentity");
  354. String printable = name;
  355. if (scope != null) {
  356. printable += "[" + scope.getName() + "]";
  357. }
  358. return printable;
  359. }
  360. /**
  361. * Returns a string representation of this identity, with
  362. * optionally more details than that provided by the
  363. * <code>toString</code> method without any arguments.
  364. *
  365. * <p>First, if there is a security manager, its <code>checkSecurityAccess</code>
  366. * method is called with <code>"printIdentity"</code>
  367. * as its argument to see if it's ok to return the string.
  368. *
  369. * @param detailed whether or not to provide detailed information.
  370. *
  371. * @return information about this identity. If <code>detailed</code>
  372. * is true, then this method returns more information than that
  373. * provided by the <code>toString</code> method without any arguments.
  374. *
  375. * @exception SecurityException if a security manager exists and its
  376. * <code>checkSecurityAccess</code> method doesn't allow
  377. * returning a string describing this identity.
  378. *
  379. * @see #toString
  380. * @see SecurityManager#checkSecurityAccess
  381. */
  382. public String toString(boolean detailed) {
  383. String out = toString();
  384. if (detailed) {
  385. out += "\n";
  386. out += printKeys();
  387. out += "\n" + printCertificates();
  388. if (info != null) {
  389. out += "\n\t" + info;
  390. } else {
  391. out += "\n\tno additional information available.";
  392. }
  393. }
  394. return out;
  395. }
  396. String printKeys() {
  397. String key = "";
  398. if (publicKey != null) {
  399. key = "\tpublic key initialized";
  400. } else {
  401. key = "\tno public key";
  402. }
  403. return key;
  404. }
  405. String printCertificates() {
  406. String out = "";
  407. if (certificates == null) {
  408. return "\tno certificates";
  409. } else {
  410. out += "\tcertificates: \n";
  411. Enumeration e = certificates.elements();
  412. int i = 1;
  413. while (e.hasMoreElements()) {
  414. Certificate cert = (Certificate)e.nextElement();
  415. out += "\tcertificate " + i++ +
  416. "\tfor : " + cert.getPrincipal() + "\n";
  417. out += "\t\t\tfrom : " +
  418. cert.getGuarantor() + "\n";
  419. }
  420. }
  421. return out;
  422. }
  423. /**
  424. * Returns a hashcode for this identity.
  425. *
  426. * @return a hashcode for this identity.
  427. */
  428. public int hashCode() {
  429. return name.hashCode();
  430. }
  431. private static void check(String directive) {
  432. SecurityManager security = System.getSecurityManager();
  433. if (security != null) {
  434. security.checkSecurityAccess(directive);
  435. }
  436. }
  437. }